“System is trying to receive a connection from the Internet.”
Welcome to the Forum, Darren-7.
Those are not Internet IP’s, they come from your private network. You are behind a router?
System should be set to Outgoing Only in your firewall rules.
Svchost.exe should also be Outgoing Only.
How do I do that?
My apologies, Darren-7.
Open CIS, click on Firewall (located at the top and just follow these clicks).
Advanced → Network Security Policy
Scroll down and locate ‘System’. Select it and click Edit (right side).
Select ‘Use Predefined Policy’, and select ‘Outgoing Only’ from the dropdown box.
Do the same with svchost.exe.
Then click ‘Apply’ on the Policy window to place the rules into effect.
is that just for people behind a router?
I think it can apply for people who don’t have a router.
Also, try the instructions shown in the attached picture.
[attachment deleted by admin]
have just done it (i never noticed that bit before) i went for the second choice - to alert me - as i use a bittorrent client
thanks for your quick response
With doing this there will be no more pop-ups like " System is trying to receive a connection from internet" ?
All attemps from outside will be blocked.
How can be this done with Svchost.exe ? Because there are couple of Svchost services running.
Welcome to the Forum, renegade04
Not all Svchost.exe instances will try to make an Internet connection.
Select any svchost.exe instance and create the rule for it.
Hi John. Thanks for answering quickly.
You mean to select all the Svchost.exe instances and apply the above rule?
Can i get answer to first part of my question :
With doing this there will be no more pop-ups like " System is trying to receive a connection from internet" ? All attemps from outside will be blocked.
Are these connection from infected computers and from people that are trying to get in to my pc?
Once the rule is created for svchost.exe, you will not receive any further popus for this file.
You only need to make the rule for one instance of svchost.exe to be applied to all svchost.exe instances, as it is the same file, just multiple times.
Does this answer your question?
It does answers my question regarding to svchost.exe. Thanks.
Now when have applied this rules (yours and from LaserWraith) i’m getting weird blocked connections that previously i haven’t got.
It says that blocked application is “Windows Operating System” and that is trying to connect to my PC. Any info about this.
This is because the ‘Blocked’ rule also says to log any unmatching requests. Great for troubleshooting.
If you prefer, you can go into Firewall/Advanced/Predefined Policies and ‘Edit’ the Outgoing Only policy. Select ‘Block and Log’, Edit, and uncheck the option to log this if rule is fired (top of the window). Apply to each window on your way out.
One more thing that i’m curious about :
With appling the above, there will be no more pop-ups like " System is trying to receive a connection from internet" and All attemps from outside will be blocked, right?
So, Now i won’t be bother with this types of questions from pop-ups and i presume that the amount of pop-ups will be minimal?
With stealthing all the my ports as “LaserWraith” mentioned in post Reply #8, i suppose that i will be safer?
The above instances of ‘System’ and ‘svchost.exe’ can be found ‘Add’, then from ‘Select’ to choose ‘Running processes’ and the to choose ‘System’ and ‘svchost.exe’?
As in pictures below?
[attachment deleted by admin]
- It will hide your ports from the Internet. Harder to find/hack you if they don’t see you.